The perimeter router is usually the first line of defense against security threats. Its role is to filter outside traffic, implementing basic security for the DMZ and preliminary filtering for the inside network. There are many things that can be done to secure perimeter routers. Disabling unused services such as CDP, finger, and the TCP and UDP small servers increases security. Many of these services have known security issues, each with its own level of risk: an attacker may use them to gather information about your router, or even try to gain unauthorized access through them. Hence, disabling all of the unused services on the perimeter router is necessary.
Event logging on perimeter routers is also important for security. The events usually logged are interface status changes, changes to the system configuration, access list matches, events detected by the firewall, and intrusion detection features. Most routers can save system logging information to a local RAM buffer, which can be consulted if a security issue surfaces later. However, if the router is reloaded, the buffer's contents are lost, so logs worth keeping should also be sent to an external syslog server.
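As an added example (not code from the original post or from Cisco), the following Python script audits a `show running-config` dump for the two points above: which of the risky services are still enabled, and whether logging goes anywhere that survives a reload. The sample configs are constructed, the service defaults assumed are those of IOS 12.x and later (CDP on unless `no cdp run` is present, the others off unless explicitly enabled), and the syslog check only recognises IPv4 hosts.

```python
import re

# Constructed "before" config: CDP left on, finger and TCP small
# servers switched on, logs kept only in the local RAM buffer.
WEAK_CONFIG = """\
hostname perimeter-rtr
!
ip finger
service tcp-small-servers
!
logging buffered 16384 informational
!
interface GigabitEthernet0/0
 description OUTSIDE
 ip address 192.0.2.1 255.255.255.0
!
"""

# Constructed "after" config for the same router, hardened.
HARDENED_CONFIG = """\
hostname perimeter-rtr
!
no cdp run
no ip finger
no service tcp-small-servers
no service udp-small-servers
!
logging buffered 16384 informational
logging host 203.0.113.10
!
"""

# (service name, line pattern, whether a match means "enabled").
# Assumes IOS 12.x+ defaults: CDP is on unless "no cdp run" is
# configured; the other services are off unless explicitly enabled.
SERVICE_CHECKS = [
    ("CDP", re.compile(r"^no cdp run$", re.M), False),
    ("finger", re.compile(r"^ip finger$", re.M), True),
    ("TCP small servers", re.compile(r"^service tcp-small-servers$", re.M), True),
    ("UDP small servers", re.compile(r"^service udp-small-servers$", re.M), True),
]


def enabled_services(config):
    """Return the names of risky services still enabled in the config."""
    return [name for name, pattern, enabled_when_matched in SERVICE_CHECKS
            if (pattern.search(config) is not None) == enabled_when_matched]


def logging_findings(config):
    """Return findings about where log events are kept (IPv4 syslog only)."""
    findings = []
    if not re.search(r"^logging buffered", config, re.M):
        findings.append("no local log buffer configured")
    if not re.search(r"^logging (?:host )?\d{1,3}(?:\.\d{1,3}){3}", config, re.M):
        findings.append("no remote syslog host; buffered logs are lost on reload")
    return findings
```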
References
http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/Part+II+Securing+the+Network+Perimeter/Chapter+5+Securing+Cisco+Perimeter+Routers/Perimeter+Router+Terms+and+Concepts/